< Go back to Security & Threat Modelling training course
Editor (add & remove topics to suit your needs)
One of the first steps in an Application Security programme is to perform Threat Models (which are models of an Application’s security profile, with the objective of proactively exposing potential security design flaws and vulnerabilities ).
But what should ‘Threat Modeling’ look like in an organisation like yours? Who should be involved? What should be the objectives? How should it be organised? When should it be done? What are the most common threats and attack vectors that should be considered? How do Threats evolve and change over time?
This hands-on practical session is designed to answer those questions by performing multiple Threat Models on typical inhouse Applications, and enabling a discussion between participants on the best way to execute them.
It is key that all key players in an Application Development workflow know what questions to ask (or should be asked), and more importantly, what is the ‘mesurable difference’ between teams that have performed Threat Models vs teams that have pushed products/services into production without evaluating its security profile and risks
Threat Modelling – Getting Started
How to get started
Who should be involved?
An experienced threat modeler should guide the automated threat modeler software. An externally hired expert should oversee the first threat model process run for an organization.
The Subject Matters Experts on the application are: lead developers, application architects, DevOps experts, people who know the business.
Define an approach.
Many approaches exist, pick one. This can be done with an expert threat modeler or find an expert threat modeler to fit your chosen approach.
Define a proper scope: start small and encapsulated. Enumerate the components:
Exposed API endpoints
External content providers
Create a DFD or any diagram that shows the data flows
Add trust boundaries and/or “what if” scenarios
Threat Modelling – Cheat Sheet
This Working Session aims to produce an overview of how to integrate threat modelling into an Agile/DevOps/Continuous Integration (ADCI) process. Keep in mind that a proper lightweight process should be easily repeatable with few moving parts (ie. steps). It should be flexible enough to be used with various taxonomies and libraries. The focus of this session should be on creating that process. This process will be supported and complimented by prescriptive threat modeling guidance via the Threat Modeling Cheat Sheets being developed.
Define what components and steps are needed for a proper lightweight process. We should work on a definition (a “MVP” threat model) that does not include over-processing or over-variation. The process framework will drive the specific discussion points below.
Make the framework flexible enough to accept many different base artefacts (e.g. - RACI, DFDs, lists etc.) for ADCI environments.
Define and refine the “incremental threat modelling” concept to enable integration with ADCI iterational approaches.
Add steps describing how to start threat modelling on an existing project/codebase without the need to cover everything (similar to introducing tests to legacy software). Build on the “10,000 ft view” model of encapsulation.
Create a set of top-level application component patterns to speed up analysis. These asset libraries can be used to complement other libraries that may get plugged into the lightweight process. Keep this pattern library to a manageable set of elements (shoot for around 10).
Review threat model taxonomies (eg. CIA, STRIDE, CWE, CAPEC, etc.) and decide which one(s) fit best for a lightweight process.
Create an adaptable threat library based on current OWASP and MITRE content, and align this process with the lightweight taxonomy (or taxonomies). Keep this library to a manageable set of elements (shoot for around 10).
Define the schema definitions for a migitations/countermeasures/controls library, again keeping the definitions top-level and flexible to enable speedy use. These definitions should leverage other OWASP content (e.g. ASVS, cheat sheets, SKF mitigation guidance, etc.) Keep this library to a manageable set of elements (shoot for around 15).
Content from Cheat Sheets will parrallel efforts depicted by this lightweight threat modeling process.
Defined: Lightweight threat modelling process with artefacts for ADCI environments
Created: “How to” guide for ADCI environments
Created: application component patterns library
Created: adaptable threat library
Created: countermeasures library schema definition
Key process activities that tie to cheat sheet guidance
Audience & Requirements
Duration, location and dates
If you have a course length in mind, please select from the list
More than 5 days
Where would you like the course to be held?
On your site
At our London offices
Please quote for both options
Where is your site located?
If you have a date and location in mind, enter them here....
Complete the form oppositebelow to get your quote >>>
GET A CUSTOM COURSE QUOTE
Complete this form for an instant quote Or for more information call 0800 028 6400